huawei
Scott Helms
khelms at zcorum.com
Fri Jun 14 23:51:22 UTC 2013
Really? In a completely controlled network then yes, but not in a
production system. There is far too much random noise and actual latency
for that to be feasible.
On Jun 14, 2013 7:35 PM, "Jimmy Hess" <mysidia at gmail.com> wrote:
> On 6/14/13, Scott Helms <khelms at zcorum.com> wrote:
>
> > backdoors (intentional or not) are in most if not all gear. Having said
> > that, it would still be pretty obvious in mass and over time to have
> > packets going to a predesignated host. Its not really possible for a box
> > to know whether its in a "real" network or a lab with Spirent or other
> > traffic generator hooked to it.
>
> It wouldn't have to send packets to a predefined host.
>
> Conceivably, it could leak bits of information by modulating the
> timing of packets forwarded by it, the spacing in times of packets
> from simple legitimate HTTP, DNS, or ICMP response, from behind the
> router, for protocols involving multiple RTTs, could be used to
> encode bits of information to be transmitted covertly.
>
> ; furthermore, the signalling to start communicating over the
> "timing based" hidden channel, could be established in various
> ways that would thoroughly disguise the malicious nature of the
> attacker's signalling.
>
> --
> -JH
>
More information about the NANOG
mailing list